Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Tealium iQ Tag Management allows Object Injection. This issue affects Tealium iQ Tag Management versions: from 0.0.0 to 2.4.0.CreditsDrew Webber (mcdruid)Benji Fisher (benjifisher)Daniel Schiavone (schiavone)Benji Fisher (benjifisher)Bram Driesen (bramdriesen)Neil Drumm (drumm)Drew Webber (mcdruid)Juraj Nemec (poker10)Referenceshttps://www.drupal.org/sa-contrib-2026-064